From 33f14412d7719f431a56143d2a8847b4b2397b8a Mon Sep 17 00:00:00 2001 From: Rich Megginson Date: Tue, 15 Aug 2023 11:12:02 -0600 Subject: [PATCH] first RC candidate for 8.9/9.3 - 1.22.0-1 Resolves:rhbz#2224648 : firewall - fix: reload on resetting to defaults sshd README remove upstream only docs first RC for 1.22.0 rhel 8.9 and 9.3 (cherry picked from commit 374357ec37ec51e9864c578a1331507b3907c51a) --- .gitignore | 2 + CHANGELOG.md | 197 +++++------------------------------------ extrasources.inc | 4 +- rhel-system-roles.spec | 14 ++- sources | 4 +- 5 files changed, 39 insertions(+), 182 deletions(-) diff --git a/.gitignore b/.gitignore index e7b6096..056fc35 100644 --- a/.gitignore +++ b/.gitignore @@ -202,3 +202,5 @@ SOURCES/vpn-1.5.3.tar.gz /kdump-1.3.4.tar.gz /firewall-1.6.1.tar.gz /podman-1.3.2.tar.gz +/community-general-7.3.0.tar.gz +/firewall-1.6.2.tar.gz diff --git a/CHANGELOG.md b/CHANGELOG.md index fe0b820..2c23d25 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,74 +1,32 @@ Changelog ========= -[1.22.0-0.21] - 2023-08-10 ----------------------------- - -### New Features - -- [podman - support quadlet units](https://bugzilla.redhat.com/show_bug.cgi?id=2220962) - -### Bug Fixes - -- none - -[1.22.0-0.20] - 2023-08-09 +[1.22.0] - 2023-08-15 ---------------------------- ### New Features +- [ALL - fingerprint in config files managed by roles](https://bugzilla.redhat.com/show_bug.cgi?id=2186910) +- [ad_integration - add ad_integration_force_rejoin](https://bugzilla.redhat.com/show_bug.cgi?id=2211723) +- [certificate - add mode parameter to change permissions for cert files](https://bugzilla.redhat.com/show_bug.cgi?id=2218204) - [firewall - missing module in linux-system-roles.firewall to create an ipset](https://bugzilla.redhat.com/show_bug.cgi?id=2140880) - -### Bug Fixes - -- none - -[1.22.0-0.19] - 2023-08-01 ----------------------------- - -### New Features - -- [podman - use getsubids to look for subuid, subgid for IdM support](https://issues.redhat.com/browse/RHEL-866) -- [podman - allow to not pull images, continue if image pull fails](https://issues.redhat.com/browse/RHEL-858) - -### Bug Fixes - - [firewall - fix: reload on resetting to defaults](https://bugzilla.redhat.com/show_bug.cgi?id=2224648) -- [podman - Podman system role: Unable to use podman_registries_conf to set unqualified-search-registries](https://bugzilla.redhat.com/show_bug.cgi?id=2226077) -- [firewall - Ansible RHEL firewall system role not idempotent when configuring the interface using the role in rhel9](https://issues.redhat.com/browse/RHEL-918) -- [kdump - use failure_action instead of default on EL9 and later](https://issues.redhat.com/browse/RHEL-907) -- [firewall - Check mode fails with replacing previous rules](https://issues.redhat.com/browse/RHEL-899) - -[1.22.0-0.18] - 2023-07-26 ----------------------------- - -### New Features - -- [systemd - system role for managing systemd units](https://bugzilla.redhat.com/show_bug.cgi?id=2224388) - -### Bug Fixes - -- none - -[1.22.0-0.17] - 2023-07-25 ----------------------------- - -### New Features - +- [firewall - should have option to disable conflicting services](https://bugzilla.redhat.com/show_bug.cgi?id=2222809) +- [ha_cluster - Add possibility to load SBD watchdog kernel modules](https://bugzilla.redhat.com/show_bug.cgi?id=2190478) +- [ha_cluster - cluster and quorum can have distinct passwords](https://bugzilla.redhat.com/show_bug.cgi?id=2216485) +- [ha_cluster - support for resource and operation defaults](https://bugzilla.redhat.com/show_bug.cgi?id=2190483) - [keylime_server - system role for managing keylime servers](https://bugzilla.redhat.com/show_bug.cgi?id=2224387) - -### Bug Fixes - -- none - -[1.22.0-0.16] - 2023-07-21 ----------------------------- - -### New Features - +- [network - Support configuring auto-dns setting](https://bugzilla.redhat.com/show_bug.cgi?id=2211273) +- [network - Support no-aaaa DNS option](https://bugzilla.redhat.com/show_bug.cgi?id=2218595) - [podman - allow container networking configuration](https://bugzilla.redhat.com/show_bug.cgi?id=2220963) - [podman - support for healthchecks and healthcheck actions](https://bugzilla.redhat.com/show_bug.cgi?id=2220961) - [podman - support quadlet units](https://bugzilla.redhat.com/show_bug.cgi?id=2220962) +- [postgresql - [RFE] system role for PostgreSQL management](https://bugzilla.redhat.com/show_bug.cgi?id=2151371) +- [rhc - implement rhc_proxy.scheme](https://bugzilla.redhat.com/show_bug.cgi?id=2211778) +- [rhc - [RFE] New role for Red Hat subscription management, insights management [rhel-8.9.0]](https://bugzilla.redhat.com/show_bug.cgi?id=2179016) +- [ssh - add ssh_backup option with default true](https://bugzilla.redhat.com/show_bug.cgi?id=2216759) +- [storage - RFE for the storage system role to support configuring the stripe size for RAID LVM volumes](https://bugzilla.redhat.com/show_bug.cgi?id=2141961) +- [storage - [RFE] user-specified mount point owner and permissions](https://bugzilla.redhat.com/show_bug.cgi?id=2181661) - [systemd - system role for managing systemd units](https://bugzilla.redhat.com/show_bug.cgi?id=2224388) ### Bug Fixes @@ -76,127 +34,14 @@ Changelog - [ALL - facts being gathered unnecessarily](https://bugzilla.redhat.com/show_bug.cgi?id=2223036) - [certificate - rhel-system-roles.certificate does not re-issue after updating key_size](https://bugzilla.redhat.com/show_bug.cgi?id=2186057) - [firewall - Check mode fails when creating new firewall service](https://bugzilla.redhat.com/show_bug.cgi?id=2222433) -- [firewall - should have option to disable conflicting services](https://bugzilla.redhat.com/show_bug.cgi?id=2222809) -- [firewall - when firewalld.service is masked, firewall role fails](https://bugzilla.redhat.com/show_bug.cgi?id=2222808) -- [storage - RAID volume pre cleanup - remove existing data from member disks as needed before creation](https://bugzilla.redhat.com/show_bug.cgi?id=2224094) - -[1.22.0-0.15] - 2023-07-10 ----------------------------- - -### New Features - -- [certificate - add mode parameter to change permissions for cert files](https://bugzilla.redhat.com/show_bug.cgi?id=2218204) -- [network - Support no-aaaa DNS option](https://bugzilla.redhat.com/show_bug.cgi?id=2218595) - -### Bug Fixes - -- none - -[1.22.0-0.14] - 2023-07-09 ----------------------------- - -### New Features - -- none - -### Bug Fixes - -- none - -[1.22.0-0.13] - 2023-06-23 ----------------------------- - -### New Features - -- [ssh - add ssh_backup option with default true](https://bugzilla.redhat.com/show_bug.cgi?id=2216759) - -### Bug Fixes - - [firewall - Don't install python(3)-firewall it's a dependency of firewalld](https://bugzilla.redhat.com/show_bug.cgi?id=2216521) - -[1.22.0-0.12] - 2023-06-22 ----------------------------- - -### New Features - -- [storage - Storage: mounted devices that are in use cannot be resized](https://bugzilla.redhat.com/show_bug.cgi?id=2168738) - -### Bug Fixes - -- none - -[1.22.0-0.11] - 2023-06-20 ----------------------------- - -### New Features - - [kdump - support auto_reset_crashkernel, dracut_args, deprecate /etc/sysconfig/kdump](https://bugzilla.redhat.com/show_bug.cgi?id=2211272) - -### Bug Fixes - -- none - -[1.22.0-0.10] - 2023-06-07 ----------------------------- - -### New Features - -- [ad_integration - add ad_integration_force_rejoin](https://bugzilla.redhat.com/show_bug.cgi?id=2211723) - -### Bug Fixes - -- none - -[1.22.0-0.9] - 2023-06-06 ----------------------------- - -### New Features - -- [network - Support configuring auto-dns setting](https://bugzilla.redhat.com/show_bug.cgi?id=2211273) -- [rhc - implement rhc_proxy.scheme](https://bugzilla.redhat.com/show_bug.cgi?id=2211778) -- [storage - RFE for the storage system role to support configuring the stripe size for RAID LVM volumes](https://bugzilla.redhat.com/show_bug.cgi?id=2141961) - -### Bug Fixes - -- none - -[1.22.0-0.8] - 2023-05-30 ----------------------------- - -### New Features - -- [storage - [RFE] user-specified mount point owner and permissions](https://bugzilla.redhat.com/show_bug.cgi?id=2181661) - -### Bug Fixes - +- [podman - Podman system role: Unable to use podman_registries_conf to set unqualified-search-registries](https://bugzilla.redhat.com/show_bug.cgi?id=2226077) +- [rhc - system role does not apply Insights tags](https://bugzilla.redhat.com/show_bug.cgi?id=2209441) - [storage - Cannot set chunk size for RAID: Unsupported parameters for (blivet) module: pools.raid_chunk_size](https://bugzilla.redhat.com/show_bug.cgi?id=2193057) - -[1.22.0-0.7] - 2023-05-23 ----------------------------- - -### New Features - -- none - -### Bug Fixes - -- [rhc - system role does not apply Insights tags](https://bugzilla.redhat.com/show_bug.cgi?id=2209200) -- [tlog - use the proxy provider - the files provider is deprecated in sssd](https://bugzilla.redhat.com/show_bug.cgi?id=2179458) - -[1.22.0-0.6] - 2023-05-04 ----------------------------- - -### New Features - -- [fingerprint in config files managed by roles](https://bugzilla.redhat.com/show_bug.cgi?id=2186910) -- [ha_cluster - Add possibility to load SBD watchdog kernel modules](https://bugzilla.redhat.com/show_bug.cgi?id=2190478) -- [ha_cluster - support for resource and operation defaults](https://bugzilla.redhat.com/show_bug.cgi?id=2190483) -- [postgresql - [RFE] system role for PostgreSQL management](https://bugzilla.redhat.com/show_bug.cgi?id=2151371) -- [rhc - [RFE] New role for Red Hat subscription management, insights management [rhel-8.9.0]](https://bugzilla.redhat.com/show_bug.cgi?id=2179016) - -### Bug Fixes - -- none +- [storage - RAID volume pre cleanup - remove existing data from member disks as needed before creation](https://bugzilla.redhat.com/show_bug.cgi?id=2224094) +- [storage - Storage: mounted devices that are in use cannot be resized](https://bugzilla.redhat.com/show_bug.cgi?id=2168738) +- [tlog - use the proxy provider - the files provider is deprecated in sssd](https://bugzilla.redhat.com/show_bug.cgi?id=2191702) [1.21.1] - 2023-03-16 ---------------------------- diff --git a/extrasources.inc b/extrasources.inc index b2a163b..66ee568 100644 --- a/extrasources.inc +++ b/extrasources.inc @@ -1,9 +1,9 @@ Source801: https://galaxy.ansible.com/download/ansible-posix-1.5.4.tar.gz -Source901: https://galaxy.ansible.com/download/community-general-7.2.1.tar.gz +Source901: https://galaxy.ansible.com/download/community-general-7.3.0.tar.gz Source902: https://galaxy.ansible.com/download/containers-podman-1.10.2.tar.gz Provides: bundled(ansible-collection(ansible.posix)) = 1.5.4 -Provides: bundled(ansible-collection(community.general)) = 7.2.1 +Provides: bundled(ansible-collection(community.general)) = 7.3.0 Provides: bundled(ansible-collection(containers.podman)) = 1.10.2 Source996: CHANGELOG.rst diff --git a/rhel-system-roles.spec b/rhel-system-roles.spec index 20a0d31..4699861 100644 --- a/rhel-system-roles.spec +++ b/rhel-system-roles.spec @@ -27,7 +27,7 @@ Name: linux-system-roles Url: https://github.com/linux-system-roles Summary: Set of interfaces for unified system management Version: 1.22.0 -Release: 0.21%{?dist} +Release: 1%{?dist} License: GPLv3+ and MIT and BSD and Python %global _pkglicensedir %{_licensedir}/%{name} @@ -147,7 +147,7 @@ Source: %{url}/auto-maintenance/archive/%{mainid}/auto-maintenance-%{mainid}.tar %deftag 18 1.5.8 %global rolename19 firewall -%deftag 19 1.6.1 +%deftag 19 1.6.2 %global rolename20 cockpit %deftag 20 1.4.7 @@ -366,6 +366,10 @@ find -type f -executable -name '*.py' -exec \ sed -e '/^## Requirements/,/^#/s/^See below$/None/' \ -e '/^### Collection requirements/,/^#/ {/^### Collection/d;/^#/!d}' \ -i */README.md +# sshd README is not in the same format +sed -e '/^### Optional requirements/,/^Role variables/ {/^### Optional/d;/^Role variables/!d}' \ + -i sshd/README.md + %if %{with html} # HACK HACK HACK @@ -662,6 +666,12 @@ find %{buildroot}%{ansible_roles_dir} -mindepth 1 -maxdepth 1 | \ %endif %changelog +* Tue Aug 15 2023 Rich Megginson - 1.22.0-1 +- Resolves:rhbz#2224648 : firewall - fix: reload on resetting to defaults + sshd README remove upstream only docs + first RC for 1.22.0 rhel 8.9 and 9.3 + fix firewall reload test gather facts + * Thu Aug 10 2023 Rich Megginson - 1.22.0-0.21 - Resolves:rhbz#2220962 : podman - support quadlet units support for rootless quadlets, secrets diff --git a/sources b/sources index f9895e3..c4469c7 100644 --- a/sources +++ b/sources @@ -4,10 +4,10 @@ SHA512 (ansible-sshd-v0.19.0.tar.gz) = 06103696ee1810a8cdbb7f26e0542e85e53c6b758 SHA512 (auto-maintenance-e010c878833e363195dd707d1334ff48a254b092.tar.gz) = 01c4fbf9762d789f94dfea3f30a4bae5c7a8e37f551bd84efdd281bc7b84250aa45c6e9c6f4bfd0e41bce34ef2643e47718f6fd2b6ffade286758b1d625182fd SHA512 (certificate-1.2.1.tar.gz) = 7ca0dd56de62ffcfeb3d2d438f125f5bc04009357085053f2ab2fc281fd4fa659a9d77bf7aa37264c980f057db501e64cd6c72cd7545096850053e8b0a6c75f9 SHA512 (cockpit-1.4.7.tar.gz) = 4241a400e26abfdc188d016dc367a62cb51979bcaa41f579714e9b01d2a84548ba06f24f011936248bfe18e05c706a70e5e1367307d306f4c65fdcd9a6a83fa6 -SHA512 (community-general-7.2.1.tar.gz) = f9d35dd9979ac3b0b22f852703100228be1faf3073199122b870bba687b6db3b45f6713eb132186a5445b1c9d77abb0ed2d14f2e66fc44b64e91f166f025ace5 +SHA512 (community-general-7.3.0.tar.gz) = 8f7b6d31b3b6c9c5534f984ec9c7954ab3e7c0c5cbe78bf4e9178398bba1aa8371773a83fcdf37abf4cb6df3c3ebda88c29f20aa506fd27d4b428150fc107bf5 SHA512 (containers-podman-1.10.2.tar.gz) = b18122f4d5b2e68b6b6edfbb264a7ff98ce898db2bbf1f87e0d449f3dd7035d55d4bfcaed831159c2a0e7dcc61856ef38e22a553bb65ede4aced1830709b783e SHA512 (crypto_policies-1.2.11.tar.gz) = b3bac1bf3b960b44f437ed2a42d2208406956166c18a1d0e711c44b75997ec26dd6628e0257b72ba1e540e62ac88d968287a47b0750b42961a90fa508febf1e3 -SHA512 (firewall-1.6.1.tar.gz) = 84aaf0c9edd5a0b197fe2b5fcb39a3b4dce78ed2aceefa214f376dd0f45b92d19af148758be60e5c30376dc1d144421c7e1a0d6da64c0069687d3299686335e9 +SHA512 (firewall-1.6.2.tar.gz) = f380781b54b6596a3387581c4f1987d360ebfa3d47204add724a6ce7ce8667d6255b9f0ca725f64d1e5937188e93e53dfa3b8cf095318345dbbe41f4e3fa1f90 SHA512 (ha_cluster-1.10.0.tar.gz) = 961145301b607def32352bd79f46f31d33866d3c3f588649135cab061966f65157a9fe3923881a294e80b87d6671697446a6074da4cf1b8645af11affc89500d SHA512 (journald-1.0.5.tar.gz) = 905d7b354f411f6b053e3ee6ada6771da8f5d310df5ef9c8eff5e88e6c31d968275cec1155bf8bbeeafa5c6436eb859f4d1dfdaefe097aa4feaea015559213cf SHA512 (kdump-1.3.4.tar.gz) = f9bedee4fc501f10c4a216f186d4ca85bef4d8a38c58ffe3e135d2bd25e013902a6f727e9b63d4c4668070b7c28107bfbd158727381ebc4cd469104c7a5de723